ComboFix 10-08-24.0A - Adam 08/25/2010 0:44.6.1 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2046.1087 [GMT -6:00]
Running from: c:\users\Adam\Desktop\ComboFix.exe
Command switches used :: c:\users\Adam\Desktop\CFScript.txt
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
Some 3rd party browsers were infected and had to be removed. Do not be alarmed.
c:\program files\mozilla Firefox\firefox.exe
Infected copy of c:\windows\system32\wininit.exe was found and disinfected
Restored copy from - c:\windows\ERDNT\cache\wininit.exe
Infected copy of c:\program files\internet explorer\iexplore.exe was found and disinfected
Restored copy from - c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23040_none_12a958f24909fe6f\iexplore.exe
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_tduasqbp
((((((((((((((((((((((((( Files Created from 2010-07-25 to 2010-08-25 )))))))))))))))))))))))))))))))
.
2010-08-25 07:02 . 2010-08-25 13:34 -------- d-----w- c:\users\Adam\AppData\Local\temp
2010-08-25 07:02 . 2010-08-25 07:02 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-08-25 07:02 . 2010-08-25 07:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-08-24 03:59 . 2008-01-21 02:23 96768 ----a-w- c:\windows\system32\wininit.exe
2010-08-24 01:51 . 2008-01-21 02:23 96768 ----a-w- C:\wininit.exe
2010-08-23 09:06 . 2010-08-23 09:06 -------- d-----w- c:\windows\system32\MpEngineStore
2010-08-22 17:12 . 2010-06-11 16:16 274944 ----a-w- c:\windows\system32\schannel.dll
2010-08-22 17:12 . 2010-06-08 17:35 3600768 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-08-22 17:12 . 2010-06-08 17:35 3548040 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-08-22 17:12 . 2010-06-18 17:31 36864 ----a-w- c:\windows\system32\rtutils.dll
2010-08-22 17:11 . 2010-06-16 16:04 905088 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-08-22 17:11 . 2010-05-27 20:08 81920 ----a-w- c:\windows\system32\iccvid.dll
2010-08-22 17:10 . 2010-06-21 13:37 2037760 ----a-w- c:\windows\system32\win32k.sys
2010-08-22 17:09 . 2010-06-11 16:15 1248768 ----a-w- c:\windows\system32\msxml3.dll
2010-08-22 17:09 . 2010-06-18 15:04 302080 ----a-w- c:\windows\system32\drivers\srv.sys
2010-08-22 17:09 . 2010-06-18 15:04 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-08-15 19:24 . 2010-08-15 19:24 -------- d-----w- C:\rsit
2010-07-31 21:55 . 2006-11-02 09:39 15821312 ----a-w- c:\windows\system32\imageres.dll
2010-07-31 21:49 . 2010-07-31 21:49 -------- dc----w- c:\programdata\{CFA6F4AE-B6D4-4F71-BBA4-ACFE805E7214}
2010-07-30 03:12 . 2010-07-30 03:20 -------- d-----w- C:\AdobeTemp
2010-07-29 18:17 . 2010-07-29 18:17 -------- d-----w- c:\users\Adam\AppData\Local\VS Revo Group
2010-07-29 18:17 . 2009-12-30 18:21 27192 ----a-w- c:\windows\system32\drivers\revoflt.sys
2010-07-29 18:17 . 2010-07-29 18:17 -------- d-----w- c:\program files\VS Revo Group
2010-07-28 23:50 . 2010-07-28 23:50 -------- d-----w- c:\program files\Sophos
2010-07-28 00:21 . 2010-07-28 00:21 -------- d-----w- c:\users\Adam\AppData\Local\Mozilla
2010-07-27 19:36 . 2010-07-28 23:39 -------- d-----w- C:\TDSSKiller_Quarantine
2010-07-27 19:05 . 2008-03-02 09:28 206608 ----a-w- c:\windows\system32\drivers\TMPassthru.sys
2010-07-27 19:03 . 2010-07-27 19:04 -------- d-----w- c:\program files\Trend Micro
2010-07-27 05:08 . 2010-07-27 05:08 -------- d-----w- c:\users\Adam\AppData\Roaming\Malwarebytes
2010-07-27 05:08 . 2010-04-29 21:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-07-27 05:08 . 2010-07-27 05:08 -------- d-----w- c:\programdata\Malwarebytes
2010-07-27 05:08 . 2010-07-27 05:08 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-07-27 05:08 . 2010-04-29 21:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-25 13:33 . 2010-05-30 16:47 34805 ----a-w- c:\programdata\nvModes.dat
2010-08-25 03:42 . 2010-07-25 17:35 -------- d-----w- c:\programdata\webroot
2010-08-23 09:28 . 2008-03-20 07:13 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-23 09:09 . 2008-03-20 07:26 -------- d-----w- c:\program files\Microsoft Works
2010-08-23 09:00 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-08-22 17:13 . 2010-08-22 17:13 -------- d-----w- c:\program files\VirusTotalUploader2
2010-08-22 16:51 . 2008-11-28 01:43 113368 ----a-w- c:\users\Adam\AppData\Local\GDIPFONTCACHEV1.DAT
2010-08-20 20:48 . 2008-12-12 03:50 -------- d-----w- c:\programdata\BVRP Software
2010-08-17 04:18 . 2009-01-05 01:05 -------- d-----w- c:\users\Adam\AppData\Roaming\Skype
2010-08-17 04:17 . 2009-01-05 01:06 -------- d-----w- c:\users\Adam\AppData\Roaming\skypePM
2010-08-13 00:37 . 2009-10-03 20:41 -------- d-----w- c:\program files\Microsoft
2010-08-12 23:17 . 2008-12-08 22:37 -------- d-----w- c:\programdata\Microsoft Help
2010-08-12 23:17 . 2008-12-09 03:30 -------- d-----w- c:\program files\Microsoft.NET
2010-08-12 23:16 . 2006-11-02 12:37 -------- d-----w- c:\program files\MSBuild
2010-08-10 02:09 . 2010-04-11 22:20 -------- d--h--w- c:\programdata\{358E2726-5129-4614-9175-3CAA96153DFA}
2010-08-10 02:09 . 2010-03-29 03:51 -------- d-----w- c:\program files\Common Files\Stardock
2010-07-31 21:50 . 2010-03-29 03:38 -------- d-----w- c:\program files\Stardock
2010-07-30 03:36 . 2008-11-29 21:21 -------- d-----w- c:\program files\EA GAMES
2010-07-30 03:17 . 2008-03-20 07:23 -------- d-----w- c:\program files\Common Files\Adobe
2010-07-29 00:05 . 2009-01-04 21:24 -------- d-----w- c:\program files\MagicDisc
2010-07-28 23:59 . 2008-12-11 16:55 -------- d-----w- c:\program files\Common Files\Motorola Shared
2010-07-28 23:48 . 2009-02-24 07:20 -------- d-----w- c:\program files\Rising Research
2010-07-28 23:48 . 2009-07-16 00:37 -------- d-----w- c:\program files\Audiosurf
2010-07-28 01:40 . 2010-07-06 03:34 -------- d-----w- c:\program files\The Wonderful End of the World
2010-07-28 01:39 . 2009-02-22 02:20 -------- d-----w- c:\users\Adam\AppData\Roaming\Red Kawa
2010-07-28 01:38 . 2008-12-07 22:06 -------- d-----w- c:\program files\Xilisoft
2010-07-27 07:30 . 2010-07-22 18:00 -------- d-----w- c:\programdata\Update
2010-07-27 04:05 . 2008-12-07 03:55 -------- d-----w- c:\program files\Thoosje Vista Tweaker
2010-07-27 04:04 . 2009-01-16 02:14 -------- d-----w- c:\program files\NCH Swift Sound
2010-07-27 04:03 . 2009-06-23 01:42 -------- d-----w- c:\program files\MobMapUpdater
2010-07-27 04:03 . 2009-06-27 22:47 -------- d-----w- c:\program files\Graboid
2010-07-27 03:45 . 2008-01-21 02:23 34360 ----a-w- c:\windows\system32\drivers\mouclass.sys
2010-07-27 01:20 . 2009-01-16 02:19 -------- d-----w- c:\programdata\NCH Swift Sound
2010-07-27 01:20 . 2009-01-16 02:19 -------- d-----w- c:\users\Adam\AppData\Roaming\NCH Swift Sound
2010-07-26 18:40 . 2008-11-28 02:08 2708 ----a-w- c:\users\Adam\AppData\Local\d3d9caps.dat
2010-07-25 17:49 . 2009-02-08 22:23 -------- d-----w- c:\program files\Webroot
2010-07-25 17:36 . 2010-07-25 17:36 -------- dc-h--w- c:\programdata\{9A82E8DE-6B96-49B5-BA94-0EF3E3DE16D3}
2010-07-25 17:17 . 2008-11-28 02:38 -------- d-----w- c:\programdata\Google Updater
2010-07-22 03:30 . 2008-11-28 02:38 -------- d-----w- c:\program files\Google
2010-07-12 05:58 . 2008-03-20 07:34 -------- d-----w- c:\programdata\WildTangent
2010-07-12 04:39 . 2008-11-28 07:42 -------- d-----w- c:\program files\WildGames
2010-07-11 01:11 . 2008-12-10 06:24 -------- d-----w- c:\program files\THQ
2010-07-11 01:08 . 2009-01-21 06:18 -------- d-----w- c:\users\Adam\AppData\Roaming\RiffTrax
2010-07-08 05:47 . 2010-07-08 05:47 -------- d-----w- c:\programdata\The Game Equation
2010-07-02 17:23 . 2008-11-28 07:06 -------- d-----w- c:\program files\iTunes
2010-07-02 17:21 . 2010-07-02 17:21 -------- d-----w- c:\program files\iPod
2010-07-02 17:21 . 2008-11-28 07:01 -------- d-----w- c:\program files\Common Files\Apple
2010-07-02 17:07 . 2010-07-02 17:07 -------- d-----w- c:\program files\Bonjour
2010-06-26 06:05 . 2010-08-22 17:13 916480 ----a-w- c:\windows\system32\wininet.dll
2010-06-26 06:02 . 2010-08-22 17:13 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-06-26 06:02 . 2010-08-22 17:13 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-06-26 04:25 . 2010-08-22 17:13 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-06-17 20:49 . 2010-07-25 17:45 45072 ----a-w- c:\windows\system32\drivers\ssfmonm.sys
2010-06-17 20:49 . 2009-11-06 19:00 24496 ----a-w- c:\windows\system32\drivers\sshrmd.sys
2010-06-17 20:49 . 2009-11-06 19:00 182056 ----a-w- c:\windows\system32\drivers\ssidrv.sys
2010-06-08 00:44 . 2010-06-08 00:44 92 ----a-w- c:\users\Adam\AppData\Local\fusioncache.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-12-24 39408]
"Google Update"="c:\users\Adam\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-01-24 133104]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"RunSpySweeperScheduleAtStartup"="c:\windows\system32\msfeedssync.exe" [2010-06-26 13312]
"igndlm.exe"="c:\program files\Download Manager\DLM.exe" [2008-08-01 1103216]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-03-17 47392]
"EKIJ5000StatusMonitor"="c:\windows\system32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe" [2009-07-31 1626112]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-03-18 207360]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2009-01-07 1468296]
"MyGarminAgent"="c:\program files\Garmin\MyGarminAgent.exe" [2009-06-17 331776]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-18 421888]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_01\bin\jusched.exe" [2007-04-07 132760]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-06-15 141624]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-07-23 30192]
"WebrootTrayApp"="c:\program files\Webroot\Security\Current\Framework\WRTray.exe" [2010-08-25 1266336]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952]
"TMRUBottedTray"="c:\program files\Trend Micro\RUBotted\TMRUBottedTray.exe" [2008-11-06 288088]
"RtHDVCpl"="RtHDVCpl.exe" [2008-07-03 6266880]
"OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 118784]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-04-04 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-04-04 13683816]
"Monitor"="c:\program files\LeapFrog\LeapFrog Connect\Monitor.exe" [2008-11-25 356352]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 65536]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"MRT"="c:\windows\system32\MRT.exe" [2010-08-03 35962312]
c:\users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Impulse Now.lnk - c:\program files\Stardock\Impulse\Now\ImpulseNow.exe [2010-3-17 471040]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"TaskbarNoNotification"= 0 (0x0)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"TaskbarNoNotification"= 0 (0x0)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984D045-52CF-49cd-DB77-08F378FEA4DB}"= "c:\program files\Stardock\ObjectDockPlus2\ODMenu.dll" [2010-03-24 511344]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GO333C~1\GoogleDesktopNetwork3.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /p \??\F:\0autocheck autochk *
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WRConsumerService]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):e7,fc,7b,ce,88,34,ca,01
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-07-21 133104]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-07-23 30192]
R3 MEMSWEEP2;MEMSWEEP2;c:\windows\system32\EDA5.tmp [x]
R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys [2008-08-22 18688]
R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys [2008-08-22 8320]
R3 MotDev;Motorola Inc. USB Device;c:\windows\system32\DRIVERS\motodrv.sys [2007-10-11 42112]
R3 motport;Motorola USB Diagnostic Port;c:\windows\system32\DRIVERS\motport.sys [2007-06-19 23680]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
R3 TMPassthru;Trend Micro Passthru Ndis Service;c:\windows\system32\DRIVERS\TMPassthru.sys [2008-03-02 206608]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2008-11-30 685816]
S2 KodakSvc;Kodak AiO Device Service;c:\program files\Kodak\printer\center\KodakSvc.exe [2008-02-29 18944]
S2 RUBotted;Trend Micro RUBotted Service;c:\program files\Trend Micro\RUBotted\TMRUBotted.exe [2008-11-06 582992]
S2 ssfmonm;ssfmonm;c:\windows\system32\DRIVERS\ssfmonm.sys [2010-06-17 45072]
S2 WRConsumerService;Webroot Client Service;c:\program files\Webroot\Security\Current\Framework\WRConsumerService.exe [2010-08-25 3035616]
S3 TMPassthruMP;TMPassthruMP;c:\windows\system32\DRIVERS\TMPassthru.sys [2008-03-02 206608]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
2010-08-25 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-12-24 13:57]
2010-08-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-21 02:38]
2010-08-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-21 02:38]
2010-08-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1685170627-3577132848-81057928-1000Core.job
- c:\users\Adam\AppData\Local\Google\Update\GoogleUpdate.exe [2009-01-24 18:13]
2010-08-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1685170627-3577132848-81057928-1000UA.job
- c:\users\Adam\AppData\Local\Google\Update\GoogleUpdate.exe [2009-01-24 18:13]
2010-08-21 c:\windows\Tasks\HPCeeScheduleForAdam.job
- c:\program files\Hewlett-Packard\SDP\Ceement\HPCEE.exe [2008-03-20 19:10]
2010-08-25 c:\windows\Tasks\Kodak AiO Scheduled Maintenance.job
- c:\program files\Kodak\Printer\Center\Kodak.Statistics.exe [2008-02-29 00:57]
2010-08-25 c:\windows\Tasks\User_Feed_Synchronization-{BF955419-3C2E-4DC3-86C2-CE8E1953218C}.job
- c:\windows\system32\msfeedssync.exe [2010-08-22 04:24]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
uInternet Settings,ProxyOverride = <local>
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: {51528C4F-16C1-4022-82DB-286A6F480975} = 205.171.3.65,205.171.2.65
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9 ... ontrol.CAB
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-25 07:33
Windows 6.0.6002 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\EDA5.tmp"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'Explorer.exe'(2820)
c:\windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
c:\program files\Stardock\ObjectDockPlus2\ODMenu.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\Stardock\MyColors\VistaSrv.exe
c:\program files\Stardock\MyColors\WBVista.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Google\Update\1.2.183.29\GoogleCrashHandler.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\LeapFrog\LeapFrog Connect\CommandService.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
c:\program files\Webroot\Security\current\plugins\antimalware\AEI.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Completion time: 2010-08-26 00:25:37 - machine was rebooted
ComboFix-quarantined-files.txt 2010-08-26 06:25
ComboFix2.txt 2010-08-25 01:03
ComboFix3.txt 2010-08-24 03:50
ComboFix4.txt 2010-08-19 03:20
Pre-Run: 91,037,478,912 bytes free
Post-Run: 85,220,392,960 bytes free
- - End Of File - - 93FE3CDCA322E93512D3A53FE0EE5217